
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

A China-linked threat actor, Storm-1175, has been observed employing a blend of zero-day and N-day vulnerabilities in rapid succession to breach internet-facing systems and deploy Medusa ransomware.

What happened

Security researchers have linked the Storm-1175 group to the exploitation of both zero-day and already-disclosed N-day vulnerabilities. Chaining the two lets the actor move quickly from initial compromise of exposed network assets to deployment of Medusa ransomware.

Why it matters

Combining zero-day and N-day exploits in high-tempo campaigns shows how ransomware groups are evolving: they can penetrate and impact vulnerable systems before many organizations have finished patching. That shortens the window defenders have and makes proactive vulnerability management, especially for internet-facing assets, more important.

Key technical details

Storm-1175 combines previously unknown zero-day vulnerabilities with existing N-day exploits to target internet-facing systems. The group's approach centers on rapidly identifying and exploiting exposed perimeter assets, which lets it deploy ransomware soon after gaining access.

Affected organizations/products

Internet-facing systems vulnerable to the exploited zero-day and N-day vulnerabilities; Medusa ransomware campaigns linked to Storm-1175.

Source attribution

https://thehackernews.com/2026/04/china-linked-storm-1175-exploits-zero.html

Written by Thirumala Rao Padilam